<?php

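/**
 * Decides whether the current request belongs to an authenticated user, either
 * from a submitted login form or from the identity already held in the session.
 *
 * Security-relevant behaviour of this class:
 *  - the login value is always bound as a statement parameter and never
 *    concatenated into the SQL text, whether it comes from $_POST or the session;
 *  - a lookup that finds no row fails closed instead of comparing request data
 *    against missing (null) columns;
 *  - comparisons are strict, and the password check uses hash_equals().
 *
 * NOTE(review): the bound-parameter calls assume DBFactory::getDbConnection()
 * returns a PDO-compatible handle (prepare() / execute(array) / fetch()) - confirm.
 */
class User {

	/** Database handle returned by DBFactory::getDbConnection(). */
	private $_db;

	/**
	 * Initialises the session through Session::setSession() and stores the
	 * database handle used for the user lookups.
	 */
	public function __construct() {
		Session::setSession();
		$this->_db = DBFactory::getDbConnection();
	}

	/**
	 * Checks the submitted credentials if a login form was posted, otherwise
	 * re-validates the identity stored in the session.
	 *
	 * On a successful form login the user's id and login are written to the
	 * session with Session::setKey().
	 *
	 * @return bool true when the request is authenticated, false otherwise
	 */
	public function checkUser() {
		if (isset($_POST['login']) && isset($_POST['password'])) {
			return $this->_checkPostedCredentials($_POST['login'], $_POST['password']);
		}

		if (isset($_SESSION['id']) && isset($_SESSION['login'])) {
			return $this->_checkSessionIdentity();
		}

		return false;
	}

	/**
	 * Validates a posted login/password pair against the users table.
	 *
	 * @param mixed $login    raw value of $_POST['login']
	 * @param mixed $password raw value of $_POST['password']
	 * @return bool
	 */
	private function _checkPostedCredentials($login, $password) {
		// Request parameters can arrive as arrays (login[]=x); only plain strings are credentials.
		if (!is_string($login) || !is_string($password)) {
			return false;
		}

		$row = $this->_findByLogin($login);
		if ($row === null || !isset($row['id'], $row['login'], $row['password'])) {
			// Unknown login: never fall through to comparing against absent columns,
			// where a loose comparison treats null and '' as equal.
			return false;
		}

		$storedLogin = (string) $row['login'];
		$storedPassword = (string) $row['password'];
		if ($storedPassword === '') {
			// An account without a stored password must not be reachable with an empty one.
			return false;
		}

		// NOTE(review): the stored value is compared directly with the submitted
		// password, which implies passwords are kept unhashed. Migrate the column to
		// password_hash() output and verify with password_verify().
		if ($storedLogin !== $login || !hash_equals($storedPassword, $password)) {
			return false;
		}

		// NOTE(review): consider rotating the session identifier at this point
		// (session fixation) if Session::setSession() does not already do so.
		Session::setKey('id', $row['id']);
		Session::setKey('login', $storedLogin);

		return true;
	}

	/**
	 * Confirms that the id/login pair held in the session still matches a row
	 * in the users table.
	 *
	 * @return bool
	 */
	private function _checkSessionIdentity() {
		$sessionId = Session::getKey('id');
		$sessionLogin = Session::getKey('login');
		if (!is_scalar($sessionId) || !is_scalar($sessionLogin)) {
			return false;
		}

		$row = $this->_findByLogin((string) $sessionLogin);
		if ($row === null || !isset($row['id'], $row['login'])) {
			return false;
		}

		// Compared as strings so that an integer id and its string form still match,
		// without the numeric-string coercion of a loose comparison.
		return (string) $sessionId === (string) $row['id']
			&& (string) $sessionLogin === (string) $row['login'];
	}

	/**
	 * Fetches the users row for a login with the value bound as a parameter.
	 *
	 * @param string $login login name to look up
	 * @return array|null the row as returned by fetch(), or null when no row was fetched
	 */
	private function _findByLogin($login) {
		$q = $this->_db->prepare('SELECT * FROM users WHERE login = :login');
		if (!$q) {
			return null;
		}
		$q->execute(array(':login' => $login));

		// DBFactory::assoc() is handed to fetch() unchanged; presumably it is the
		// associative fetch-mode constant - verify against DBFactory.
		$data = $q->fetch(DBFactory::assoc());

		return is_array($data) ? $data : null;
	}

}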
?>